Corelan Team (corelanc0d3r)

HITB2012AMS Day 1 – Window Shopping

Window Shopping: Browser Bugs Hunting in 2012 In the last talk of Day 1, Roberto Suggi Liverani and Scott Bell (not present during the presentation),  security consultants at Security-Assessment.com, will share the results of some intensive browser bug hunting research, and will drop 5 0days. Roberto starts by apologizing about the fact that Scott was not […]

HITB2012AMS Day 1 – One Flew Over The Cuckoos Nest

One Flew Over The Cuckoos Nest – Automated Malware Analysis Claudio Guarnieri, senior researcher at iSight Partner, and part of the Shadowserver Foundation and the HoneyPot project.  He works with malware on a daily basis, maintains malwr.com and is the main developer of the Cuckoo Sandbox, which is also the main topic of his talk. […]

HITB2012AMS Day 1 – WinRT The Metro-politan Museum of Security

WinRT : The Metro-politan Museum of Security Sébastien Renaud and Kévin Szkudlpaski start their talk by introducing themselves.  They both work as Security Researcher at Quarkslab, focusing on reverse engineering, dissecting network protocols and file formats. They will talk about the Windows Runtime, the foundation for the Metro platform in Windows 8. The agenda for […]

HITB2012AMS Day 1 – Intro and Keynote

Introduction Good morning everyone, After spending a couple of hours on the train, picking up my HITB badge, meeting with some of the organizers and having a great evening hanging out with Steven Seeley, Roberto Suggi Liverani, Nicolas Grégoire, Andy Ellis, Didier Stevens, and some other folks, conference time has arrived. With the conference taking place […]

Hack In The Box Amsterdam 2012 – Preview

In less than a week from now, Hack In The Box Amsterdam will open its 2012 edition. The conference will take place in the Okura Hotel, and features 3 days of training, 2 days of quad-track talks, a CTF and HackWEEKDAY, a 12 hour hackathon hosted alongside the actual confererence. The line-up looks promising…
Continue reading

BlackHat EU 2012 – Day 3

Good morning, Since doing live-blogging seemed to work out pretty well yesterday, I’ll do the same thing again today.  Please join in for day 3 at BlackHat Europe 2012, in a cloudy and rainy Amsterdam. The first talk I attended today was : “Secure Password Managers” and “Military Grade Encryption” on Smartphones Andrey Belenko and […]

BlackHat EU 2012 – Day 2

Welcome back friends, at day 2 of BlackHat Europe 2012, held in the Grand Hotel Krasnapolsky in the wonderful city of Amsterdam. Today, I’m going to do things slightly different.  I will try to post write-ups immediately after a presentation (and I’ll add in pictures later).   I will basically update this page all the […]

BlackHat EU 2012 – Day 1

  Introduction – Back in Amsterdam ! After a 2 year detour in Barcelona, BlackHat Europe has returned to Amsterdam again this year. After spending a few hours on the train, checking in at The Grand Hotel Krasnapolsky,  getting my ‘media’ badge (thank you BlackHat) & grabbing a delegate bag, and finally working my way […]

Exploit writing tutorial part 11 : Heap Spraying Demystified

A lot has been said and written already about heap spraying, but most of the existing documentation and whitepapers focus on IE7 or older versions.
Although there are a number of public exploits available that target IE8, the exact technique to do so has not been really documented in detail.
Of course, you can probably derive how it works by looking at those public exploits.

With this tutorial, I’m going to provide you with a full and detailed overview on what heap spraying is, and how to use it on old and newer platforms.
I’ll start with some “ancient” techniques (or classic techniques if you will) that can be used on IE6 and IE7.
We’ll also look at heap spraying for non-browser applications.
Next, we’ll talk about precision heap spraying, which is a requirement to make DEP bypass exploits work on IE8.
I’ll finish this tutorial with sharing some of my own research on getting reliable heap spraying to work on IE9.
Continue reading

Corelan T-Shirt Contest – Derbycon 2011

September is going to be a busy month.

With Brucon approaching very fast and Derbycon on its way as well, it looks like I will be spending more time at cons than at work :)

I’ll have the pleasure to teach the Corelan Live Exploit Development Bootcamp trainings at Brucon and Derbycon. If you are a student, make sure to check the prerequisites so we’re all set to make the training a success for everyone.
Continue reading

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
http://bit.ly/demandglobalchange
Read the full document at
http://bit.ly/demandglobalchange_full and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.



Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)

Categories